Professional Documents
Culture Documents
Systems Security
Lesson 5
Access Controls
•Controls access to a
Logical computer system or
network
Group
Authority-level
Authorization membership
policy
policy
User-
assigned
privileges
• Actions
Guidelines
• Accounting
Asynchronous token
• USB token
• Smart card
• Memory cards (magnetic stripe)
Static Dynamic
(physiological) (behavioral)
measures measures
What you
What you do
are
•Accuracy
Reaction
Acceptability
time
Keystroke
Palm print Iris scan
dynamics
Hand Signature
Retina scan
geometry dynamics
Kerberos
Log files
Monitoring and reviews
Data retention
Media disposal
Compliance requirements
Linux and OS X
Windows
Physically
Database constrained
Menus Encryption
views user
interfaces
Bell-LaPadula model
Bad publicity
More oversight
Financial penalties